This is how enemies hack America — according to a cyber warrior

The media’s craze surrounding possible Russian interference with the US election through hacking isn’t going away anytime soon. Though the hype is primarily political, it’s important to separate fact from fantasy.

Tangibly, the overarching processes that corporations and nation-states use to gain advantage over a competitor or adversary are quite common. It’s important to evaluate how these attacks are used in the world today. The two main vectors used to attempt to exploit our election were Spear-Phishing and Spoofing.

Spear-Phishing

Spear-phishing targets select groups of people that share common traits. In the event of the Russian hack, the Russian General Staff Main Intelligence Directorate, or GRU, and affiliated non-governmental organizations (companies, organizations, or individuals loyal to Russia), sent phishing emails to members of local US governments, and the companies that developed the voting-registration systems.

USCG photo by Petty Officer 3rd Class Andrew Barresi

USCG photo by Petty Officer 3rd Class Andrew Barresi

Their intent was to establish a foothold on a victim’s computer, so as to perpetrate further exploitation. The end-result of that exploitation could allow manipulation and exfiltration of records, the establishment of a permanent connection to the computer, or to pivot to other internal systems.

Spoofing

Spoofing is an act in which one person or program successfully masquerades as another by falsifying data, thus gaining an illicit benefit. Most people understand spoofing in terms of email, whereby an attacker spoofs, or mimics, a legitimate email in order to solicit information, or deploy an exploit.

As it relates to the Russian situation, spoofing a computer’s internet protocol (IP) address, system name, and more, could have allowed a successful spear-phisher to bypass defenses and pivot to other internal systems. This kind of act is so trivial, some techniques are taught in basic hacking courses.

US Air National Guard photo illustration by Staff Sgt. Kayla Rorick.

US Air National Guard photo illustration by Staff Sgt. Kayla Rorick.

Ignore the Hype

What we know from reporting, as backed by unauthorized disclosures, is that defense mechanisms appear to have caught each of the spear-phishing and spoof attempts. Simply put, there is no information to suggest Russia had success.

For political reasons, politicians have worked hard to make this a major talking-point. However, these same politicos cannot speak in absolutes, because there simply wasn’t a successful breach—let alone one able to compromise the integrity of our national election.

One piece of information to note: these attacks are some of the most common seen in the cyber world. There is nothing revolutionary about these vectors, or how they are employed against government, commercial, and financial targets. This isn’t to suggest it is a moral or acceptable practice, rather the reality of life in the Information Age.

Army Reserve photo by Sgt. Stephanie Ramirez

Army Reserve photo by Sgt. Stephanie Ramirez

Hollywood Sucks

I would be remiss if I didn’t make a note about the way Hollywood (and media in general) portrays hacking in a way that is mystical and comical. The portrayals only serve to conflate an issue that is easily managed with thoughtful consideration and implementation of best-practices.

This is why we can’t have nice things.

(Kyle Buchanan | YouTube)

TOP ARTICLES
This is how missing or captured troops get promoted

According to the Department of Defense, prisoners of war and those under missing status continue to be considered for promotion along with their contemporaries.

6 reasons Charleston might be America's most gung-ho military city

From Charles Towne Landing to the Medal of Honor Museum, go grab a pint where George Washington drank and read about the military legacy of South Carolina's Atlantic jewel.

This is how long South Korea thinks it will take to conquer the North

South Korea says they are developing new plans to defend against advancing North Korean threats after a data breach left their outdated plans vulnerable.

This stunning video shows how well 100-year-old ammo works today

While original 1911 pistols surely still function today, turns out so does the ammo from that era.

This could be the Army's next rifle — and it's totally awesome

Textron debuted its newest rifle, the Intermediate Case-Telescoped Carbine, at AUSA. It's lighter and more deadly than the current M4.

16 jokes Germans could die for telling under the Nazi regime

The Nazi Party was well short of a majority when it came to power. So it's easy to believe that not everyone was a big fan of Hitler or his ideas.

These really smart people say bigger is better when it comes to building aircraft carriers

In an effort to reduce its fiscal footprint, the Navy is looking at making smaller ships. But these defense researchers say it's a terrible idea.

Now that ISIS is on the ropes, these guys have turned the guns on each other

Two US allies, which were armed and trained by US forces, have turned their weapons on each other, and there isn't much the US can do about it.

This is the definitive history of the world's most advanced fighter jet

The new F-22A Raptor fighter jet is the most advance fighter jet in the world, and it dominates on every level imaginable.

This is how the $102 million B-1A almost replaced the B-52

The plan was to buy 240 B-1As to replace the B-52 as the Air Force's primary strategic bomber, but eventually, they each found their place in the force.